Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/5360e7-f02a-4737-99c7-febb64b5e164/1/hk-vr9g6x81LEdyCg-SfNWMUYj4.roa
File: hk-vr9g6x81LEdyCg-SfNWMUYj4.roa (raw, json)
Hash identifier: 0zDMNrnN59pl9vdQRAfvK9NWQ3Y67I4Kz/Zy/3qMC/k=
Subject key identifier: 86:4F:AF:AF:D8:3A:C7:CD:4B:11:DC:82:83:E4:9F:35:63:14:62:3E
Certificate issuer: /CN=22f344a63dcb70e89057deb8e2761dc45165881a
Certificate serial: 018983B5A63E17C6A80C141BD1B0D8C9AD2D
Authority key identifier: 22:F3:44:A6:3D:CB:70:E8:90:57:DE:B8:E2:76:1D:C4:51:65:88:1A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IvNEpj3LcOiQV9644nYdxFFliBo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/5360e7-f02a-4737-99c7-febb64b5e164/1/hk-vr9g6x81LEdyCg-SfNWMUYj4.roa
Signing time: Sun 23 Jul 2023 17:04:27 +0000
ROA not before: Sun 23 Jul 2023 17:04:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49505
IP address blocks: 109.238.204.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:83:b5:a6:3e:17:c6:a8:0c:14:1b:d1:b0:d8:c9:ad:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22f344a63dcb70e89057deb8e2761dc45165881a
Validity
Not Before: Jul 23 17:04:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=864fafafd83ac7cd4b11dc8283e49f356314623e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:b3:97:c8:e2:35:e4:20:9a:2e:91:4f:92:0c:
7b:4d:55:ac:22:c4:f8:50:38:87:b9:b8:e1:79:04:
20:25:9e:ab:45:a4:64:50:76:cc:1e:1a:54:56:4f:
de:6a:49:07:ff:47:f3:c8:c9:18:1d:04:a1:a3:01:
a2:8f:45:ab:9d:05:3d:8b:2d:e7:fc:07:19:49:ea:
b6:eb:f9:17:8a:51:73:a6:79:26:92:97:cf:8c:8d:
53:aa:20:53:bc:72:f6:1d:a5:3c:1f:3b:c8:d2:58:
b6:c5:cc:a0:3c:b1:1c:b2:81:16:ae:ea:4e:83:45:
b3:ea:ad:ac:c9:b2:35:cf:cf:d6:30:d5:bd:29:a8:
50:11:bf:0b:24:6a:93:85:c0:9b:a4:32:ab:aa:26:
e2:0e:5c:fe:75:44:9a:ef:24:5e:8b:0f:c7:63:08:
f5:db:43:d1:c5:e7:38:71:8d:da:38:94:b7:3d:42:
2c:20:57:58:b0:d0:f7:ff:09:d8:f0:bb:a8:dd:f2:
71:4b:a8:4e:3f:d9:4b:57:ef:0f:13:55:d3:c3:9d:
cd:d4:e8:cb:b2:69:22:c4:60:0f:f5:51:c6:fa:dc:
7e:4e:8c:fb:14:6e:7d:01:47:46:b2:6f:99:bb:2f:
c8:68:0f:a7:c0:83:9f:0d:ea:9e:df:29:f5:5e:2b:
df:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:4F:AF:AF:D8:3A:C7:CD:4B:11:DC:82:83:E4:9F:35:63:14:62:3E
X509v3 Authority Key Identifier:
keyid:22:F3:44:A6:3D:CB:70:E8:90:57:DE:B8:E2:76:1D:C4:51:65:88:1A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IvNEpj3LcOiQV9644nYdxFFliBo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/5360e7-f02a-4737-99c7-febb64b5e164/1/hk-vr9g6x81LEdyCg-SfNWMUYj4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/5360e7-f02a-4737-99c7-febb64b5e164/1/IvNEpj3LcOiQV9644nYdxFFliBo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.238.204.0/24
Signature Algorithm: sha256WithRSAEncryption
9e:15:4a:b4:ef:71:a3:a3:ad:1b:3e:bc:a0:5c:e4:ee:70:e3:
45:06:63:72:f8:af:f4:7a:47:5c:85:c9:81:7e:e3:df:bc:00:
16:3d:03:21:00:06:7a:8a:63:7d:88:ac:8e:34:ec:47:8c:a6:
3f:1d:b5:9d:87:b6:46:ed:72:fa:36:dd:7f:49:f0:1f:ad:b7:
5f:6f:54:8a:57:e6:11:ba:01:97:c0:f5:3f:48:3d:f8:df:2a:
23:dd:46:d2:df:32:bd:08:20:05:b2:f3:10:8a:ed:71:e3:25:
5b:23:8b:b5:a1:ae:3c:01:af:4b:09:e5:7c:86:1b:98:be:97:
40:6c:1e:06:73:38:c3:b4:a1:74:14:e9:ed:63:7a:9d:62:1a:
1d:3a:7d:50:8e:2d:b3:46:29:e4:f3:a0:86:97:da:b3:c2:e7:
d4:ca:2b:f6:16:8f:0a:5f:f6:d2:dd:b5:96:af:ec:9e:dd:bd:
2b:94:57:fc:10:6b:2f:87:36:40:ba:18:36:9e:e2:63:c7:95:
5b:e9:70:1f:f1:51:6d:9a:fe:35:7f:8b:80:04:9f:98:9f:1e:
86:5c:ea:b2:59:6b:df:c9:bb:65:9b:2e:0a:9f:d6:5e:ee:08:
3f:ea:7b:cd:78:8c:65:b8:b0:36:46:49:f0:08:00:af:48:eb:
b0:c9:59:d4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYmDtaY+F8aoDBQb0bDYya0tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyZjM0NGE2M2RjYjcwZTg5MDU3ZGViOGUyNzYxZGM0NTE2
NTg4MWEwHhcNMjMwNzIzMTcwNDI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NjRmYWZhZmQ4M2FjN2NkNGIxMWRjODI4M2U0OWYzNTYzMTQ2MjNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh7OXyOI15CCaLpFPkgx7TVWsIsT4
UDiHubjheQQgJZ6rRaRkUHbMHhpUVk/eakkH/0fzyMkYHQShowGij0WrnQU9iy3n
/AcZSeq26/kXilFzpnkmkpfPjI1TqiBTvHL2HaU8HzvI0li2xcygPLEcsoEWrupO
g0Wz6q2sybI1z8/WMNW9KahQEb8LJGqThcCbpDKrqibiDlz+dUSa7yReiw/HYwj1
20PRxec4cY3aOJS3PUIsIFdYsND3/wnY8Luo3fJxS6hOP9lLV+8PE1XTw53N1OjL
smkixGAP9VHG+tx+Toz7FG59AUdGsm+Zuy/IaA+nwIOfDeqe3yn1XivfVwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIZPr6/YOsfNSxHcgoPknzVjFGI+MB8GA1UdIwQY
MBaAFCLzRKY9y3DokFfeuOJ2HcRRZYgaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXZORXBqM0xjT2lRVjk2NDRuWWR4RkZsaUJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi81MzYwZTctZjAyYS00NzM3LTk5Yzct
ZmViYjY0YjVlMTY0LzEvaGstdnI5ZzZ4ODFMRWR5Q2ctU2ZOV01VWWo0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi81MzYwZTctZjAyYS00NzM3LTk5YzctZmViYjY0YjVlMTY0
LzEvSXZORXBqM0xjT2lRVjk2NDRuWWR4RkZsaUJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbe7MMA0G
CSqGSIb3DQEBCwUAA4IBAQCeFUq073Gjo60bPrygXOTucONFBmNy+K/0ekdchcmB
fuPfvAAWPQMhAAZ6imN9iKyONOxHjKY/HbWdh7ZG7XL6Nt1/SfAfrbdfb1SKV+YR
ugGXwPU/SD343yoj3UbS3zK9CCAFsvMQiu1x4yVbI4u1oa48Aa9LCeV8hhuYvpdA
bB4GczjDtKF0FOntY3qdYhodOn1Qji2zRink86CGl9qzwufUyiv2Fo8KX/bS3bWW
r+ye3b0rlFf8EGsvhzZAuhg2nuJjx5Vb6XAf8VFtmv41f4uABJ+Ynx6GXOqyWWvf
ybtlmy4Kn9Ze7gg/6nvNeIxluLA2RknwCACvSOuwyVnU
-----END CERTIFICATE-----
Generated at Tue Jan 2 04:10:31 2024 by rpki-client on console-ams.rpki-client.org